Select Page

Cyber Security Assessment

Get a check up to lower your exposure

The Calvetti Ferguson cyber security assessment is a light-touch look into your IT environment and is normally completed in a few days. The cyber security assessment allows management to have a useful glimpse into how they are handling common risks to the company’s IT environment.

This solution helps management identify areas in need of improvement, as well as areas where it might make sense to take a deeper dive. Our high-level examination is customizable and scalable to accommodate the unique needs of organizations of all sizes, complexities, and industries. Our proprietary methodology is based on NIST Cybersecurity Framework (CSF), NIST SP 800-53 r5, and COBIT 2019.

The cybersecurity assessment is designed to assist organizations in:

  • Understanding their current security posture
  • Assessing their exposure to common vulnerabilities and threats
  • Making a preliminary evaluation as to the design of controls currently in-place

Our clients receive valuable insight into areas where they might be carrying significant risks, a preliminary evaluation as to the quality of controls in place, and detailed recommendations to help their organization improve.

The assessment is primarily focused on the areas of:

  • IT governance
  • Logical and physical security
  • Change management
  • IT operations
  • Problem management
  • Incident response
  • Business continuity
  • Disaster recovery
  • Third-party risk management

Our cyber security assessment process

Stakeholder meeting

The cyber security assessment begins with a collaborative meeting between stakeholders and the Calvetti Ferguson technology advisory team to better understand your business and technology environment.

Process owner interviews

We then interview relevant process owners to understand the current state of systems, processes, and controls in order to identify potential vulnerabilities and threats, and work to determine “what could go wrong”.


We will present your organization with an assessment that provides management a high-level overview of your current security posture, identifies gaps in your internal control framework, and recommends remediation strategies on how to address those items.

Opportunities for improvement

Additionally, we will provide management with a listing of “process improvement opportunities” which consist of informal recommendations and best practices that management might consider for implementation.

Customized phishing simulation campaign

This goes beyond “canned” phishing simulations to give management valuable insight into the company’s true susceptibility to phishing attacks, which can lead to ransomware infections, stolen credentials, email compromise, and other incidents.

Contact us

Calvetti Ferguson works with middle-market companies, private equity firms, and high-net-worth individuals nationwide. Regardless of the complexity of the compliance, assurance, advisory, or accounting need, our team stands ready to assist you. Please complete the form below, and we will follow up with you shortly.